当前位置: 首页 > 图文教程 > 网络编程 > ASP > 不通过数据源完全控制MDB数据库

ASP
生成像资源管理器一样的树形目录
将连接数据库的代码隐藏在DLL中
ASP中从数据库读取二进制文件数据代码
asp查询xml的代码,实现了无刷新、模糊查询功能
一个asp函数, 解决SQL Injection漏洞
在ASP中利用COM组件开发Web应用程序
关于如何利用COM+,来提高ASP执行权限的问题!
升级MD5.ASP,打造完全动态不重复的安全加密代码
ASP安全检测与过滤函数SafeCheck
在ASP中,用JScript脚本实现分页的另类办法
查看服务器Application/Session变量工具
自己写的一个简单ASP调用存储过程查询
ASP登陆验证页应做的安全问题
使用ASP与javascript配合实现多个复选框数据关联显示
Windows 2003下不注册组件用ASP发邮件
数据分页方法新思路,速度非常快!
ASP程序中同一个用户不允许同时登陆两次
分栏显示记录集的表格演示,并实现了分页
关于Adodb.Stream的写数据库数据到客户端文件的实践
将ASP的Debug变得简单的两个函数

ASP 中的 不通过数据源完全控制MDB数据库


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-11-03   浏览: 232 ::
收藏到网摘: n/a

<%

' BEGIN USER CONSTANTS

' To just use a DSN, the format is shown on the next line:

'Const DSN_NAME = "DSN=ASP101email"

' Two other samples I used it with.  Left in as syntax examples for DSN-less connections

'Const DSN_NAME = "DBQ=C:\InetPub\wwwroot\asp101\samples\database.mdb;Driver={Microsoft Access Driver (*.mdb)};DriverId=25"

'Const DSN_NAME = "DBQ=C:\InetPub\database\donations.mdb;Driver={Microsoft Access Driver (*.mdb)};DriverId=25"

 

Dim DSN_NAME

DSN_NAME = "DBQ=" & Server.MapPath("db_dsn.mdb") & ";Driver={Microsoft Access Driver (*.mdb)};DriverId=25;"

Const DSN_USER = "username"

Const DSN_PASS = "password"

' Ok, I know these are poorly named constants, so sue me!

' This script can be used without actually setting up a DSN, so

' DSN_NAME as well as the other two constants should really be named

' something more generic like CONNECTION_STRING, CONNECTION_USER, and

' CONNECTION_PASS, but I did it this way without really thinking about

' it and I'm too lazy to change it now.  If it bothers you, you do it!

' END USER CONSTANTS

 

' BEGIN SUBS & FUNCTIONS SECTION

Sub OpenConnection

Set objDC = Server.CreateObject("ADODB.Connection")

objDC.ConnectionTimeout = 15

objDC.CommandTimeout = 30

objDC.Open DSN_NAME, DSN_USER, DSN_PASS

End Sub

 

Sub OpenRecordset(sType)

Dim sSqlString ' as String - building area for SQL query

Dim sCritOperator ' as String - basically "=" or "LIKE"

Dim sCritDelimiter ' as String - parameter delimiter "", "'", or "#"

 

Set objRS = Server.CreateObject("ADODB.Recordset")

Select Case sType

Case "ListTables" ' Open RS of the Tables in the DB

Set objRS = objDC.OpenSchema(adSchemaTables)

Case "ViewTable"  ' Open the Selected Table

Set objRS = Server.CreateObject("ADODB.Recordset")

objRS.Open "[" & sTableName & "]", objDC, adOpenForwardOnly, adLockReadOnly

Case "DrillDown"  ' Open the Recordset built by the selected options

Set objRS = Server.CreateObject("ADODB.Recordset")

 

' Build Our SQL Statement

sSqlString = "SELECT * FROM [" & sTableName & "]"

 

' If we're limiting records returned - insert the WHERE Clause into the SQL

If sCritField <> "" Then

' Figure out if we're dealinh with Numeric, Date, or String Values

Select Case iCritDataType

Case adSmallInt, adInteger, adSingle, adDouble, adDecimal, adTinyInt, adUnsignedTinyInt, adUnsignedSmallInt, adUnsignedInt, adBigInt, adUnsignedBigInt, adBinary, adNumeric, adVarBinary, adLongVarBinary, adCurrency, adBoolean

sCritOperator = "="

sCritDelimiter = ""

Case adDate, adDBDate, adDBTime, adDBTimeStamp

sCritOperator = "="

sCritDelimiter = "#"

Case adBSTR, adChar, adWChar, adVarChar, adLongVarChar, adVarWChar, adLongVarWChar

sCritOperator = "LIKE"

sCritDelimiter = "'"

End Select

sSqlString = sSqlString & " WHERE [" & sCritField & "] " & sCritOperator & " " & sCritDelimiter & sCritValue & sCritDelimiter

End If

 

' If we're sorting - insert the ORDER BY clause

If sSortOrder <> "none" Then

sSqlString = sSqlString & " ORDER BY [" & sSortField & "] " & sSortOrder

End If

 

sSqlString = sSqlString & ";"

 

' Open the actual Recordset using a Forward Only Cursor in Read Only Mode

objRS.Open sSqlString, objDC, adOpenForwardOnly, adLockReadOnly

End Select

End Sub

 

Sub CloseRecordset

objRS.Close

Set objRS = Nothing

End Sub

 

Sub CloseConnection

objDC.Close

Set objDC = Nothing

End Sub

 

Sub WriteTitle(sTitle)

Response